Dig command – What is it, and what is it used for?
The Dig command is software with a command-line interface (CLI) that is designed for domain probing. The short abbreviation “Dig” stands for Domain Information Groper. It is a very helpful tool that can be used on devices with almost every operating system (OS), like macOS and Linux.
Through the Dig command, you have the ability to perform different types of DNS queries and receive valuable information about the DNS records, such as A, AAAA, MX, SOA, NS, or complete a Reverse DNS lookup and check PTR records.
You could utilize the command and inspect for difficulties that are related to your domain or the services you apply, such as email or FTP.
Examples of the Dig command
If you want to perform some of the following examples, the first thing you should do is to open the Terminal app on your macOS or Linux device. In case you are a Windows user, you should open the Command Prompt.
All DNS records related to a host.
You could use this example to see all of the available DNS records for a particular host. In addition, this type of DNS query is helpful for any other further diagnostics that you might want to perform.
dig yourwebsite.net ANY
In this example, you could make a query for the IP address (IPv4) of a domain. With the direct dig command, you are going to receive additional information:
In case you desire to receive a simple answer only with the IP address, you should use the following:
dig yourwebsite.net +short
If you want to make a request and view the primary server for the DNS zone, you should type the following:
dig yourwebsite.net SOA
If you want to make a request and view the mail servers for a specific domain, you should type the following:
dig yourwebsite.net MX
With this example, you could examine if the arrangement of your SPF record or TXT record is accurate:
dig yourwebsite.net TXT
With this example, you could perform a Reverse DNS lookup and examine if you have properly set your PTR records.
dig –x 18.104.22.168
Set an exact port.
In case you don’t want to use the default port 53, with this command, you could easily set up a different one:
dig –p 51 yourwebsite.net
Setting a DNS resolver.
With this example, you could choose the DNS resolver and trace the route from that particular point. For illustration, in this example, we are going to use Google (22.214.171.124) and examine if it can resolve the DNS zone successfully.
dig @126.96.36.199 yourwebsite.net
Why should you use it?
With the Dig command, you are going to receive a very rich answer. Even in cases when you complete just a basic DNS query (dig + hostname), the information is going to be more rather than the nslookup (nslookup + hostname). Additionally, it will indicate if the answer is coming from an authoritative name server or recursive, and you will see TTL values without completing extra probes.
If we have to compare it with the host command, the Dig command provides more clear answers and separation of question part, answer part, authority, and other sections. Moreover, you could use more precise options for probing with the Dig command.